Mass Injection On John Sands Greeting Card Company Site
Threat Type: Malicious Web Site / Malicious Code
John Sands is the largest greeting card company in Australasia, helping both Australians and New Zealanders to celebrate with a huge variety of cards and gift wrap items under their brand names such as John Sands, The Ink Group, Momentum Greetings and Creative Stationery. Acquired by American Greetings in 1996, the company was founded in 1837 by John Sands, the son of an English engraver. The company is Australia's second oldest registered company.
In an effort to protect their visitors, Websense Security Labs has contacted John Sands Greeting Card Company and advised them on this incident. Websense ThreatSeeker Network has been tracking how such attacks prevail over such reputed Web sites, targeting their peers and other visitors.
Screenshot of the infected site:
Screenshot of the infected site source and malicious payloads:
Websense Messaging and Websense Web Security customers are protected against this attack.